Centrally controlled safe management system

ABSTRACT

A cash management system utilizes a cloud computing model wherein a cloud of one or more servers may be locally networked or may be geographically dispersed and accessed by the client device over the Internet. The client device is a cash management safe. More than one safe may be employed in a system. Metrics, control functions, and interactions normally handled by an autonomous safe are shunted directly to a cloud server on the network. Usage data, currency validations, coin validations, security entries, etc. are communicated to the cloud server. The cloud server(s), based on database information and software settings, can transmit configuration, updates and information to remote safes. The information transmitted may include user configuration, access rules, currency configuration, alert configuration, and software and firmware updates. The cloud server based cash management system allows the entire cash management of an enterprise to be provided as a service to that enterprise.

RELATED U.S. APPLICATION DATA

This application is a continuing application of U.S. application Ser.No. 13/248,000, filed on Sep. 28, 2011 and published as U.S. PublishedApplication 2012/0073482 A1. Through U.S. application Ser. No.13/248,000, this application claims priority from U.S. provisionalapplication No. 61/387,438, filed on Sep. 28, 2010. The entiredisclosures contained in U.S. provisional application 61/387,438 andU.S. application Ser. No. 13/248,000 including the attachments theretoare incorporated herein by reference.

FIELD OF THE INVENTION

This invention relates generally to a method and apparatus for centrallycontrolling access to valuable items and specifically currency stored ina remote safe. More specifically, the invention relates to a cloud-basedcontrol system for managing safes and other money control systems incommercial settings.

BACKGROUND OF THE INVENTION

Protecting currency in a commercial setting continues to be a crucialand often daunting task, notwithstanding the great strides made indeveloping security systems over the last 100 years. Electronic cashmanagement systems have largely taken the place of the traditional steelvault or safe, and point-of-sale cash registers have become much moresophisticated as they have become microprocessor controlled. Yet, allgreat advances in security equipment have been followed by moreelaborate thievery schemes such that the commercial world has needed tocontinually update and improve.

Many standard business practices and policies have been developed toaddress the problem of retail theft. For instance, businesses typicallydo not allow large amounts of cash to accrue at any point-of-salelocation. Thus, in a given retail store, there is typically a centralsafe where excess cash from cash registers is deposited forsafe-keeping. Some protection is obtained by restricting the employees'access to such safes. Similarly, armored cars are used to transport thecash from stores to the bank. However, since the accounting itself isdone manually, there are glaring gaps in the security system. Anotherproblem with safes is that they may be physically removed and therewould be little or no evidence of how much cash was stolen.

In a larger business setting, it may be necessary to have a number ofdifferent portals where cash is accepted from customers. Safes have alsobeen developed for cash control that include basic cash managementfeatures such as the ability to make change or to scan for counterfeitcurrency. In addition, it is commonly the case that numerous employeeshave access to cash depositories throughout the day. Accordingly, it isimportant that a business be able to manage cash access and control suchas to reduce thievery and enable accountability to be enhanced amongcash-handling employees. This has led to the development of safes thatidentify the cash deposits and withdrawals and track them according toan individual employee. The capability to identify and verify theidentity of employees is essential to accountability.

In business settings involving multiple cash depository stations, themanagement and oversight of the total collection of data and cash fromthe stations can be quite a challenge. Prior art systems have beendeveloped to enable multiple cash depository safes to be integratedtogether, but such systems are often costly and complicated. Inaddition, the integration of multiple safes can lead to a compromise ofsecurity in that should the code or access to part of the system becompromised by, for example, the resignation of a key employee withaccess information, the entire system may be vulnerable. In thisrespect, the process whereby one safe serves as a controlling mastersafe for the group of networked safes could actually undermine thesystem when access rights are shared or compromised, or software ishacked. Likewise, when one or more of a collection of networked safesutilizes software that is “resident” on the safe or cash access terminalitself, a risk exists that the entire system could be compromised by aphysical break-in to a particular safe to access and de-code theresident software.

DESCRIPTION OF THE PRIOR ART

Prior art safe systems have generally taken the approach that one ormore central deposit safes will be located throughout the establishment.In large stores, there are several such safes that may be convenientlylocated throughout the store. In the past, these safes, althoughcomputerized, have been largely stand-alone. Their upkeep andmaintenance was done manually by on-site personnel. There was an obviousneed to coordinate and control the operation of these safes. It wastherefore natural to create a local network comprising these safes. Thistoo was achieved with the additional benefit that there could be acentral controlling safe that would house the security software, andcontrol the entire network.

For instance, an electronic lock and money control system is disclosedby Smith et al in U.S. Pat. No. 7,063,252. It allows for a single unitstandalone operation or a network of multiple units having one unitoperate as a centralized network controller. This control unit has acontrol system that communicates with an input device, a display device,a connector interface and an electronic lock mechanism. It facilitatesthe monitoring and accumulation of financial and operational informationfor each remote unit. It also allows for the integration and addition ofclient units with reduced marginal cost. This invention caters to theneeds of a typical large business. However, different businesses willneed to be provided with different network systems with differentindividual control units. It also leaves the responsibility ofinformation retrieval, storage and upgrades largely in the hands of thebusinesses, thus making it less cost effective. Moreover, this leads toduplication on the part of the business providing the solution, and thisadded cost of production of individual control units and maintenance ofthe network and associated software is invariably borne by the clientbusinesses.

Moreland et al discloses an invention in U.S. Pat. No. 7,264,150. Thisis a computerized drop safe that runs control and security software on aCPU unit. The vault door is remotely controlled, and users haverestricted access based on a pre-determined hierarchy developed withinthe company. Information is retrieved, transmitted and stored remotelyover the Ethernet. A unique feature of this invention is that it runs auser-friendly script that allows an end-user employee to generatecustomized reports without having to write code in some computerlanguage. A similar control unit to control an electronic lock isdisclosed in U.S. Pat. No. 7,576,633. In this patent, McGunn et alteaches how to control a safe having an electronic lock, and how tomaintain a database of activity related to such an electronic lock.

MOTIVATION FOR THE INVENTION

With retail businesses having several geographic locations, there is aneed to widen this network so as to incorporate all the safes in thedifferent places, and also keep accurate accounting records. Thissubstantially increases the amount of currency and the number oflocations that have to be monitored. This raises maintenance anddevelopment challenges, making the entire network less cost-effective tobusinesses. More and more businesses are relying on external partners tomaintain their networks and servers, so that the business itself mayfocus on improving its core operations.

The 24-hour cycle of retail businesses, and the plethora of franchisesowned by separate parties, adds to the complexity of the monitoringsoftware. Modern businesses also may operate within more than onecountry. This gives rise to the need for a capacity to handle multiplecurrencies, in different denominations, operated using multiplelanguages, and in multiple time zones. Add to that the need forreal-time data transport, analysis and accounting, tailored toindividual businesses, and we are confronted with a significantcomputing challenge. Providing such a range of services locally is notoptimal, nor is it practical to provide software solutions by periodic,physical, and manual upgrades of the client devices.

Moreover, in maintaining, verifying, and monitoring these large datasets, a considerable amount of storage space is required; a fast LAN/WANconnection is essential; and a central core processor becomes a must.Thus, it is no longer practical to have a local network in a store, withone of the safes controlling that network. At the same time, any remotecontrol of the network will have to be designed in a sufficientlyefficient manner to avoid issues of manual system upgrades, storagecapacity, processing speed, local network downtime, and servermaintenance downtimes. In addition, all proprietary information must bestored away from the local network to avoid system-wide theft.

Thus, there is a great need to improve the prior art to address theneeds of modern global businesses. In particular, there is a need for asophisticated and state-of-the-art true enterprise system that ispreferably based on geographically distributed cloud servers, but thecloud of one ore more servers could be housed on the local network.Given the limitations in the prior art outlined above, it becomesimportant that the safe, which is a client device, is preferably notoperated in a stand-alone mode. There is a need to maintain theintegrity of cash deposits by remotely controlling the access rules forunlocking of the deposit drawer, and locally requiring an authenticatedpassword to successfully complete such a manual deposit. There is also aneed to support multiple currencies and multi-lingual platforms.Moreover, local businesses may retain some control over the particularfirmware they wish to install, and this firmware should then bedownloaded and installed remotely. Although identification methods wouldbe needed to operate these networks, it is desirable not to store suchinformation on local clients. Apart from digital theft, this alsoprotects loss of data due to malware, system failures, and othermechanical malfunctions. Finally, to maintain the efficiency of all theprocesses, handle the data and provide real-time feedback, accountingand storage, there is an urgent need to provide a central server(s) thatcan control an army of clients deployed worldwide.

For the reasons identified above, there is a need in the market for asystem wherein a collection of safes can be integrated for the purposesof accounting and business cash management with centralized control, andyet constructed such that each safe itself performs only a limitedamount of analytical functioning at the terminal level where security ismore likely to be compromised by either a hacker or a dishonest insider.

SUMMARY OF THE INVENTION

In order to achieve the goal of eliminating the security and practicaldeficiencies noted above, the need exists for a new system for cashdepository safe management. According to one aspect of the presentinvention, the control structure consists of a cloud-based saferegulation system wherein one or more safes are controlled by softwareresident upon a cloud server or servers for remote hosting. In such asystem, each of the plurality of safes is operated independently of eachother, with a control relationship directed solely to the cloud-basedserver system. According to another aspect of such a system, each of thesafes would have no means whereby control could be achieved through asister safe in order to prevent the system from being compromised if anyone safe or more is hacked.

According to another aspect of the present invention, a collection ofone or more safes is arranged throughout a retail facility with each oneincluding only a limited amount of control software present on theparticular terminal. Resident memory on the terminal unit is limited,and processing is limited to a relatively minimal set of well-definedand relatively unsophisticated data management functions. All keycontrol and access parameters are achieved through the central server,which may be a network of servers, i.e. a cloud server.

In a preferred embodiment of the invention, the system is essentially acloud-based enterprise system, wherein each of a plurality of safes isessentially a client device with all accounting and control functionsoperated remotely. As such, the safes would be unable to function asstand-alone devices, severed from the control portal. This enablesgreater security of the overall system by enabling a damaged orcompromised unit to be severed from the system without affecting otherunits.

In other preferred embodiments, both the individual safe units and theserver are solid state devices operating through Linux-based controlsoftware. Given that the client/safe units have limited individualprocessing capabilities, the units report real time information to theserver. This information includes such parameters as: a) on-boardtemperature at the safe unit, b) device type and serial number, c) notecount—accepted, rejected, stacked, value date and time stamped, d) userinformation such as logging in times, transaction ID and activityassociated with the user, e) alarm information, and f) local areanetwork/wide area network (LAN/WAN) connectivity status. The client/saferequires that a user log in and enter manual deposit information beforethe manual deposit drawer is unlocked and opened. The system allows forremote authorization and remote removal of identification methods, suchas PIB numbers, magnetic cards, I-Keys, proximity cards, and biometricreaders.

In some embodiments of the invention, the safes would includeuser-friendly features including the capability for a local user toaccess the safe through multiple languages. Such arrangement couldaccommodate the use by employees of different cultures within aworkplace, and enable the safes collectively to be dispersed throughoutthe World without regard to language translation difficulties. Anotheruser-friendly feature could include a liquid crystal display (LCD)indicator for each cash accepting module that displays the currencyaccepted and any appropriate error messaging or warnings to the user. Inaddition, a slide out tray can accommodate easy maintenance and cleaningof the cash accepting modules.

In some embodiments, interior lighting is installed in the safes inorder to accommodate use of the unit at night or in areas of low ambientlighting. In such embodiments, the lighting can be triggered foroperation by the opening of the door, using a spring-loaded depressionswitch or the like.

In yet another embodiment, the graphical user interface present at theclient/safe unit could also be used as a communication portal totransmit messaging from the server. This could include delivery ofgeneral notices or advertising to the employees or other users in acompany.

The embodiments of the present invention significantly improve thesystem over disadvantages existing in the prior art. It provides a trueEnterprise system wherein a safe is a client device, and may preferablynot operate in stand-alone mode. The system itself is local or cloudserver based. Both the clients and servers are solid state centralprocessing unit (CPU) based and run proprietary software. Each clienthas at least one cash accepting module which can accept multiplecurrencies. The system itself is multi-lingual. Authentication isperformed remotely by accessing the server, and this secure informationis not stored locally. System upgrades and routine maintenance are alsoperformed by remote downloads of firmware. These and other novelfeatures of this invention are described in the detailed specifications.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic of an embodiment of the remotely operated cashmanagement system of the present invention.

FIG. 2 is a perspective view an embodiment of a cash management safe.

FIG. 3 is a side sectional view of the body of a cash management safeand a rear view of the safe door to show the internal components of oneembodiment of a cash management safe.

FIG. 4 is a sample diagram of the CPU tray represented by item 52 in theembodiment shown in FIG. 3.

FIG. 5 is a rear schematic view of an embodiment of a cash managementsafe.

FIG. 6 is a front view of an embodiment of a cash management safe.

DESCRIPTION OF EMBODIMENTS

Referring now to FIG. 1, an embodiment of a cloud-based cash managementsystem 11, may be seen. In the embodiment of FIG. 1, cash managementsafes 1 are networked to a remote cloud-based server 8, which may be anetwork of multiple physical servers. The cash management safes 1connect to either a local firewall or router 2 using either aconventional Ethernet cable 10 or a wireless link to a wireless networkrouter or access point 2. In the case of a LAN deployment, device 2 maybe an Ethernet hub or switch.

Upon power up, the cash management safe 1 communicates with an on-sitedynamic host configuration protocol (DHCP) server 3 to obtain anInternet Protocol (IP) address and Internet access. In someconfigurations, the function of device 3 may be performed by device 2.Optionally, cash management safe 1 can be programmed with a static IPaddress eliminating the need for device 3.

The cash management safe 1 establishes a high security encrypted virtualprivate network (VPN) channel 4 over either a WAN or a LAN to a cloudserver 8 by using a high security encryption algorithm. An example ofone suitable, commercially available high-security encryption algorithmis Blowfish™. Cash management safe 1 automatically polls through cloudservers 8 until it can establish a secure connection. The cashmanagement safe 1 is authenticated by a pre-installed electroniccertificate that uniquely identifies it to the cloud servers 8.

Prior to installation of a cash management safe 1, if the optionalinterface to a customer server exists, then customer's server 7 wouldgenerate or be provisioned with some combination of electroniccertificates, login ids, and/or passwords that allow remote access tothe customer server 7 by cash management safe 1. This authenticationdata would be transferred to the cloud servers 8 over network connection9. The connection between the cash management safe 1 and customer server7 is shown by 5 and uses an encrypted Internet protocol that mayinclude, but not be limited to, secure file transfer protocol (sftp).

Upon initial installation at an end user site, the cash management safe1 would create the VPN channel 4 to a cloud server 8 as describedherein. The cash management safe 1 would then download from a cloudserver 8 some or all of the following information: Site information,configuration information, language, currency configuration, user list,user passwords, user authentication rules, manual drop types, EOD type,lock time delay configuration, transactions codes, user access rules,software imposed limits on currency cassette capacity, user roledefinitions, alert configuration, alert e-mail notification list,departments, and shift configuration. If the optional interface to acustomer server 7 is present, then any necessary electroniccertificates, logins, passwords, or other access information would besent from the cloud server 8 to the cash management safe 1, as well.

Referring now to FIG. 2, several external features of cash managementsafe 1 are visible. Safe 1 employs several hardware elements that maysecurely and intelligently receive cash, coin, checks, and otherfinancial instruments and may dispense cash and coin as well. Thesehardware elements may interface with a cloud server 8 via a solid stateCPU internal to cash management safe 1 and in some cases have theiron-board operating instructions updated by cloud server 8. In theembodiment shown in FIG. 2, cash management safe 1 has an upper panel 21and two lower doors, automated exchange door 30 and manual storage door40.

Referring now to FIG. 3, internal to cash management safe 1 is CPU tray52, a chassis for the cash collector 53, a cash collection bin such as acassette 54, an optional bulk note feeder 55, a bill validator 56, and aUSB switch module 63. An upper vault door 30 contains LCD cashprocessing screens 37. Also on upper vault door 30 is a locking slidebar 61, a bolt location sensor 75, and intelligent USB sessioninitiation protocol (SIP) lock mechanism 62. A lower vault door 40 alsocontains a locking slide bar 61, and a bolt location sensor 75, andintelligent USB SIP lock mechanism 62.

Referring now to FIG. 4, this figure shows a detailed view of anembodiment of CPU tray 52. CPU tray 52 contains a fanless CPU board 66which may contain interfaces for Ethernet, USB, RS-232 Serial, Parallel,VGA Video and Audio, where the interface supports both input and outputaudio. CPU board 66 also supports RAM memory slots, serial advancedtechnology attachment (SATA) disk channels, and expansion slots (such asperipheral component interconnect (PCI) or PCI Express). The embeddedoperating system, firewall capability, and other proprietary softwareare contained on a solid state flash memory chip 73 attached to a SATAport. An encrypted USB flash memory chip 72 contains the proprietaryapplication and local data cache. A 4 channel relay board 74 iscontrolled by CPU board 66. The power for each cash acceptor 31 isrouted through a relay channel on board 74 as well as power to aninternal buzzer 76.

All proprietary software running on the cash management safe 1 is storedin encrypted flash memory chip 72. To access flash memory chip 72, anaccess code is required. The software program displays a touch screen 22upon boot up that contains a challenge code and a phone number to call.The system operator then calls the phone number to reach a call centerand provides the challenge key to the call center. The call center thenenters the challenge key in a secure area of the cloud server's 8 webservice software and a response key is generated and provided to thesystem operator. The system operator enters this key using touch screen22. If the response key is correct for the challenge code entered, thenaccess to the encrypted file system is achieved. If not, then theresponse code can be re-entered up to a fixed number of times (asconfigured in the web services) before a new challenge code is issued.

Routing the power for each cash acceptor 31 through a relay channel onboard 74 provides at least one advantage for maintaining operation ofcash acceptors 31. To clear jam conditions in a cash acceptor, it issometimes necessary to recycle power to the cash acceptor. Typically, inprior art cash management systems, this would require a recycle of powerto the entire safe since the cash acceptor is embedded in the safe.However, various embodiments of cash management safe 1 provide a relaycircuit to the power supply of cash acceptors 31 that the software cantrigger to recycle power only to the individual acceptor 31.

Referring now to FIG. 5, this figure shows the rear of cash managementsafe 1. Contained on the rear of cash management safe 1 is an externalinterface panel 65 which contains connectors for power, network, sensoroutput, USB, and a power switch. A seismic sensor 71 may be optionallyattached to the back of the safe. A cover plate 64 attached withsecurity screws conceals access to the USB switch 63 and the USB cablesfrom the internal SIP locks 62 which attach to it.

SIP locks 62 (as shown in FIG. 3) in cash management safe 1 containtheir own microprocessor. The lock circuitry is powered solely by USBpower. In the event of any type of hardware failure in the cashmanagement safe 1, including complete loss of power or shorting of powercircuitry, removal of cover plate 64 allows the attachment of a FieldService Unit (FSU) directly to the USB interface of the lock 62. The FSUwould then power the lock 62, and using a proprietary software module,with the appropriate challenge key and response code, lock 62 may beunlocked.

Returning to FIG. 2, upper panel 21 houses touch screen 22. Touch screen22 is capable of changing its display and CPU 66 drives those changesinteractively based on inputs from a user. Touch screen 22 can displayprompts, menus, alphanumeric pads, instructions, and other messages. Auser can make selections or enter data on touch screen 22 and CPU 66responds to inputs to touch screen 22 by the user. These responses mayinclude instructions to other elements as well as changes to the displayof touch screen 22. In addition to operational information, the touchscreen 22 may display information specific to a user, and in some casesmay display advertising style information. In particular, during idletimes, touch screen 22 may display advertising using a screen saverstyle display.

Still referring to FIG. 2, in the embodiment shown, automated exchangedoor 30 has at least one bill handler 31. Depending on the particularapplication or embodiments, bill handlers 31 may be configured to becurrency validators. Currency validators are capable of acceptingcurrency and validating the denomination of a bill as it is accepted.Some embodiments of the cash management safe may have a first billhandler 31 configured to accept and validate bills from one or morenational currencies, while having the other handler(s) 31 configured toaccept and validate bills from different national currencies. When billhandlers 31 are currency validators, they may have their on-boardprogramming, or firmware, modified by cloud server 8. The modificationof the firmware may be to allow a validator to validate newly issuedbills of a currency, or validate bills of a different currency orcombination of currencies. In some embodiments of cash management safe1, one of bill handlers 31 may be a bill dispenser, dispensing currencyas instructed by CPU 66.

Referring now to both FIGS. 2 and 3, automated exchange door 30 may beopened for service such as to remove deposited currency or to maintainand service bill handlers 31. Automated exchange door 30 is held shut bya locking bolt or plate 61. Lock handle 34 must be turned to withdrawthe locking bolt or plate 61 and it is controlled by intelligent SIPlocking mechanism 62. Pull handle 35 on automated exchange door 30facilitates opening and closing automated exchange door 30. Boltposition sensor 75 signals CPU 66 when door 30 changes state betweenbolted and unbolted. CPU 66 monitors sensors 75 and 77, and provides auser feedback regarding the door locking bar position, both open andclosed, via touch screen 22.

Manual storage door 40 has many similarities with automated exchangedoor 30. It is held closed by a locking bolt or plate 61 that may bemoved by lock handle 34 and is controlled by the intelligent SIP lockingmechanism 62. Bolt position sensor 75 signals CPU 66 when door 40changes state. Manual deposit drawer 25 provides for a means ofdepositing envelopes with bills, checks, or other items. The user,having logged onto cash management safe 1 and progressed to theappropriate display on touch screen 22, enters the amounts of currencyin the manual drop packet into the system via touch screen 22. CPU 66records the amount, and in some embodiments, generates a receipt onprinter 80 at cash management safe 1. Other embodiments may generate areceipt at a nearby supporting printer.

Both automated exchange door 30 and manual storage door 40 enclosesecure interiors. Each is fixed with sensors 77 to confirm theirclosure. CPU 66 records when the doors are opened and by what user asentered at touch screen 22 and external ID sensor 24. In someembodiments, the secure interiors of safe 1 are provided with lighting.Between providing secure space for deposited currency and the innerworking elements of safe 1, space within safe 1 is limited and whenservice is being performed in the interior, light can be restricted. CPU66, once it validates a user's authority to open door 30 or 40, can alsoturn on interior lights to facilitate the activity being undertaken,i.e. retrieving deposits, servicing electrical and mechanical elements,etc.

As alluded to above, several of the elements in cash management safe 1have on-board programmable, or reprogrammable, memory. Cloud Server 8,through its connection to the safes, can re-program and update theinstructions on flash memory devices 72 and 73. This provides theability to globally update a system of several disparately located safesfrom a single remote location nearly simultaneously. Alternatively, asystem of safes wherein the safes are acquired and installed over timemay have variations among the models of individual elements. In thatcase, the cloud based server 8 can maintain a table, or index, of thecomponent parts in each safe and updated the firmware appropriately forthe particular element model. In addition to maintaining model andcomponent information, the software on cloud server 8 has the capabilityof determining the safe's exact location through an uploaded photographof the site (taken during either the site survey or installationprocess) if the photograph contains the EXIF GPS tags as added by mostnewer cameras and PDA's.

CPU 66 receives all signals generated by on-board sensors as well asinformation input by users interfacing with the safes. Logic programmedinto CPU 66 can interpret these signals from on-board sensors todetermine the status of cash management safe 1. For example, CPU 66 maydetermine an alarm condition for cash management safe 1 based on certainsignals, or combination of signals. A signal from seismic sensor 71 maybe interpreted as an indication that cash management safe 1 is beingmoved without authorization and CPU 66 would then determine an alarmcondition for cash management safe 1. Combinations of signals fromsensors 77 and bolt position sensors 75 could be result in thedetermination of an alarm condition. Additionally, user could input adistress code at touch screen 22 or other input interfaces. With theinput of the distress code, CPU 66 would determine an alarm conditionexists.

Once an alarm condition is determined, the software in CPU 66 is capableof generating action. The particular action may depend on the origin ofthe alarm condition. Internal buzzer 76 on board 74 or other soundgenerating apparatuses may be used to generate an audible alarm. Thesoftware in CPU 66 is also has a control point in it which allows a callto an external application interfaced with an alarm panel external tocash management safe 1. This would be used to automatically trigger analarm in a duress situation.

Some situations do not require an alarm per se, but still require actionbe taken, or that a person be informed of the situation. In thesesituations, e-mail alerts, based on rules set up on the cloud server 8and sometimes information provided by cash management safe 1, are sentto lists of e-mail addresses maintained on the cloud server 8. Thesoftware has alert points where the delivery of an immediatenotification of an event or condition is desirable. The software allowsthese events to be classified into categories. Each category of alertsis associated with a list of e-mail addresses that is setup andmaintained through the web services running on the cloud servers 8. Ofcourse, one category could include the alarm condition discussed above.

As discussed above with respect to CPU 66 in FIG. 4, CPU 66 can supporttypes of inputs and outputs beyond touch screen 22. Speaker 28 andmicrophone 29 on upper panel 21 are supported by the audio port on CPU66. The software in CPU 66 has the necessary modules to support thecapture and storage of video from any video camera with a standard USBinterface via the video port on CPU 66. The audio capabilities providean additional medium of communication, while the video capabilitiessupport a common security tool of onsite video.

In addition to supporting audio and video, CPU 66 supports communicationwith external devices to acquire enterprise information. The proprietaryapplication software running on cash management safe 1 has a controlpoint that allows input of data from external systems such as Point ofSale (POS) systems. This transaction data is reported by the cashmanagement safe 1 to the cloud servers 8, where it is stored.

Referring now to FIG. 2, receipt printer 80 is connected to cashmanagement safe 1 by standard communication line 82. Receipt printer 80provides paper receipts for deposits into safe 1 and provides totals forwithdrawals when safe 1 is being serviced and deposits withdrawn. Otherprinters may be connected to safe 1 to receive more extensive reportsgenerated by cloud server 8 or due to the networked nature of thesystem, cloud server 8 can direct reports to any printer networked intothe system.

Depending on its configuration, ID sensor 24 can register an iButton,RFID device, or a biometric characteristic such as a finger print.iButtons contain a chip with stored information and have contacts forcommunication with other devices. With respect to the iButton, ID sensor24 would have complimentary contacts matching those of the iButton tocorrelate an identification with the entered PIN. With respect to theRFID device, ID sensor 24 would have an electromagnetic readerwirelessly communicating with the RFID device. With respect to thebiometric feature, an optical, infrared, or other type of scanner wouldcapture the biometric characteristic. In each of these cases, ID sensor24 would relay its received information back to CPU 66 and CPU 66 wouldperform the comparison to database information which confirm or deny anentered PIN.

The embodiment of safe 1 of FIG. 2 has automated exchange door 30 andmanual storage door 40, and their release is controlled by entry of aPIN into touch screen 22 and the confirmation security device such as aniButton etc. In the embodiment of FIG. 2, safe 1 has LCD screens 37associated with their respective bill handlers 31. LCD(s) 37 display thecurrencies supported by their corresponding bill handler(s) 31,respectively. Automated exchange door 30 has bill handler(s) 31 andmanual storage door 40. Manual drop drawer 25, located in upper panel21, provides access to drop envelopes and other articles. Manual drop 25is secure and prevents vandalism to prior dropped packages or to theinterior of safe 1, as well as discouraging attempts to extractarticles. Manual exchange door 30 provides access for retrieval of itemsdeposited via manual drop drawer 25.

While a local data cache of all information known to CPU 66 is stored onthe encrypted flash memory chip 72, CPU 66 continually updates a cloudserver 8 with this information at programmed intervals. This informationmay include, but is not limited to: system health data (temperaturesensors, voltages), estimated printer head lifetime, local date andtime, uptime, print count, printer status, note count (lifetime,current, and value), percent of cash capacity, number of notes and valuethereof accepted, model of cash acceptor head, serial number of cashacceptor head, complete cash acceptor status data, all transaction logs,shift information, cash accounting, alerts, errors, cash cassette ids,login history, current software version, network information, backup uppower supply (UPS) status, and lock time delay information. Upon startupof safe 1, CPU 66 may also transmit cash acceptor firmware version tocloud server 8. In the event of a network outage, all of thisinformation is kept in the local data cache 72 and all historicalinformation is automatically transferred to cloud server 8 uponrestoration of the network.

The cloud servers 8 are implemented that in the case that more than oneserver exists in the cloud, it is an identical replication of all otherservers in the cloud. All data between the servers is kept isautomatically continuously synchronized. This means that safe 1 canconnect to any available cloud server 8 and reporting done from anycloud server 8 will contain up to date information from safe 1. Cloudserver 8 is intended to be managed and configured either locally orremotely using secure and encrypted web services running on cloudserver(s) 8. These web services are compatible with PDA devices such assmart phones and tablet PCs as well as desktop workstations.

The embodiments and claims disclosed herein are further capable of otherembodiments and of being practiced and carried out in various ways,including various combinations and sub-combinations of the featuresdescribed above but that may not have been explicitly disclosed inspecific combinations and sub-combinations. Accordingly, those skilledin the art will appreciate that the conception upon which theembodiments and claims are based may be readily utilized as a basis forthe design of other structures, methods, and systems. In addition, it isto be understood that the phraseology and terminology employed hereinare for the purposes of description and should not be regarded aslimiting the claims.

Furthermore, the Abstract is neither intended to define the claims ofthe application, nor is it intended to be limiting to the scope of theclaims in any way. It is intended that the application is defined by theclaimed appended hereto.

We claim:
 1. A safe management and transaction tracking system,comprising: a safe enclosing a first secure interior, said safecomprising, a solid state central processing unit, a currency validatingapparatus having a microprocessor in communication with said centralprocessing unit, a first door allowing access to said first secureinterior, said first door secured by a first electronic lock incommunication with said central processing unit, and a first externalcommunication port associated with said central processing unit; anetwork, said network comprising, a solid state server, a work stationand, a first communication link between said work station and said solidstate server; a second communication link between said first externalcommunication port of said safe and said network; wherein said currencyvalidating apparatus is programmable via said network to accept avariety of currency sets; and a dedicated relay circuit for each saidcurrency validating apparatus, said central processing unit capable ofresetting each said relay circuit independently.
 2. The safe managementand transaction tracking system of claim 1, wherein; said centralprocessing unit is programmable via said network to alter a display of atouch screen to display in a variety of languages.
 3. The safemanagement and transaction tracking system of claim 1, furthercomprising; a plurality of solid state servers interlinked with eachother within said network.
 4. The safe management and transactiontracking system of claim 1, comprising; a plurality of said safes, eachsaid safe having a communications link with said network.
 5. The safemanagement and transaction tracking system of claim 1, wherein; saidsafe comprises a plurality of said currency validating apparatuses. 6.The safe management and transaction tracking system of claim 1, wherein;said communications link between said safe and said network is awireless communication link.
 7. The safe management and transactiontracking system of claim 1, further comprising; sensors monitoring saidfirst electronic lock, said sensors communicating with said centralprocessing unit.
 8. The safe management and transaction tracking systemof claim 1, further comprising; a second external communication portassociated with said central processing unit; a printer associated withsaid safe; and, a communication link between said second externalcommunication port and said printer.
 9. The safe management andtransaction tracking system of claim 1, further comprising; an ID sensorassociated with said safe to effect secure login of a user.
 10. The safemanagement and transaction tracking system of claim 9, wherein; said IDsensor is an optical scanner for scanning biometric characteristics of auser.
 11. The safe management and transaction tracking system of claim9, wherein; said ID sensor reads a hardware device assigned to a user.12. The safe management and transaction tracking system of claim 1,wherein; said safe encloses a second secure interior, said safe furthercomprising a second door allowing access to said first secure interior,said second door secured by a second electronic lock in communicationwith said central processing unit.
 13. The safe management andtransaction tracking system of claim 1, wherein; said safe furthercomprises an external USB port and said first electronic lock can beoperated via said external USB port.
 14. The safe management andtransaction tracking system of claim 1, wherein; said safe furthercomprises a speaker and a microphone, and said central processing unitsupports audio input and output via said microphone and said speaker.15. The safe management and transaction tracking system of claim 1,wherein; said central processing unit operates on a proprietaryoperating system not based on commercially available computer operatingsystems.
 16. The safe management and transaction tracking system ofclaim 1, wherein; said central processing unit is programmed to providefirewall functions for said safe.
 17. The safe management andtransaction tracking system of claim 1, wherein; said central processingunit monitors signals from onboard sensors and analyzes said signals foralarm conditions and when an alarm condition is determined contacts andexternal alarm device.
 18. The safe management and transaction trackingsystem of claim 1, wherein; said server maintains a table of e-mailaddresses, and said safe transmits onboard sensor data through saidnetwork to said server, and said server sends e-mail alerts based onrules programmed in said server.
 19. The safe management and transactiontracking system of claim 1, further comprising; a USB port forexchanging information with a point-of-sale station, said centralprocessing unit communicating information from said point-of-salestation to said server.